package com.example.ssrbac.controller;

import com.example.ssrbac.dto.UserDTO;
import com.example.ssrbac.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.validation.Valid;
import java.util.Set;

@RestController
@RequestMapping("/api/users")
public class UserController {
    private static final Logger logger = LoggerFactory.getLogger(UserController.class);

    @Autowired
    private UserService userService;

    @PostMapping
    @PreAuthorize("hasAuthority('USER_CREATE')")
    public ResponseEntity<UserDTO> createUser(@Valid @RequestBody UserDTO userDTO) {
        logger.info("Creating new user with username: {}", userDTO.getUsername());
        UserDTO createdUser = userService.createUser(userDTO);
        logger.info("User created successfully with ID: {}", createdUser.getId());
        return ResponseEntity.ok(createdUser);
    }

    @PutMapping("/{id}")
    @PreAuthorize("hasAuthority('USER_UPDATE')")
    public ResponseEntity<UserDTO> updateUser(@PathVariable Long id, @Valid @RequestBody UserDTO userDTO) {
        logger.info("Updating user with ID: {}", id);
        UserDTO updatedUser = userService.updateUser(id, userDTO);
        logger.info("User updated successfully: {}", id);
        return ResponseEntity.ok(updatedUser);
    }

    @DeleteMapping("/{id}")
    @PreAuthorize("hasAuthority('USER_DELETE')")
    public ResponseEntity<Void> deleteUser(@PathVariable Long id) {
        logger.info("Deleting user with ID: {}", id);
        userService.deleteUser(id);
        logger.info("User deleted successfully: {}", id);
        return ResponseEntity.ok().build();
    }

    @GetMapping("/{id}")
    @PreAuthorize("hasAuthority('USER_READ')")
    public ResponseEntity<UserDTO> getUserById(@PathVariable Long id) {
        logger.debug("Fetching user by ID: {}", id);
        UserDTO user = userService.getUserById(id);
        logger.debug("User fetched successfully: {}", id);
        return ResponseEntity.ok(user);
    }

    @GetMapping
    @PreAuthorize("hasAuthority('USER_READ')")
    public ResponseEntity<Page<UserDTO>> getAllUsers(Pageable pageable) {
        logger.debug("Fetching all users with pagination: {}", pageable);
        Page<UserDTO> users = userService.getAllUsers(pageable);
        logger.debug("All users fetched successfully, total: {}", users.getTotalElements());
        return ResponseEntity.ok(users);
    }

    @PostMapping("/{id}/roles")
    @PreAuthorize("hasAuthority('USER_ASSIGN_ROLES')")
    public ResponseEntity<UserDTO> assignRoles(@PathVariable Long id, @RequestBody Set<Long> roleIds) {
        logger.info("Assigning {} roles to user: {}", roleIds.size(), id);
        UserDTO updatedUser = userService.assignRoles(id, roleIds);
        logger.info("Roles assigned successfully to user: {}", id);
        return ResponseEntity.ok(updatedUser);
    }
} 